Supported tags and respective `Dockerfile` links

TBD

What is Shibboleth IdP?

Shibboleth is among the world's most widely deployed federated identity solutions, connecting users to applications both within and between organizations. Every software component of the Shibboleth system is free and open source.

Shibboleth is an open-source project that provides Single Sign-On capabilities and allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.

How to use this image

Since no two users of Shibboleth IdP are likely to configure it exactly alike, this image does not come with any default configuration.

Acquire Oracle Java

You should visit a page similar to this one at Oracle to download the Oracle JDK.

Select the Linux x64 RPM and agree to the Oracle Binary Code License Agreement.

Acquire JCE

You should visit a page similar to this one at Oracle to download the Oracle Java Crypography Extension policy files.

Create a `Dockerfile`

FROM tier/shibboleth_idp:3.3
COPY jdk-8u121-linux-x64.rpm /tmp/oracle_jdk.rpm
COPY jce_policy-8.zip /tmp/$oracle_jce_zip

Common additional sample configurations may include:

COPY server.xml /usr/local/tomcat/conf/
COPY krb5.conf /etc/

Build the container

$ docker build -t my-shibboleth-idp .

Test the configuration file

CAN THIS BE DONE? [jvf]

$ docker run -it --rm --name shibboleth-idp-test-run my-shibboleth-idp /usr/local/tomcat/bin/startup.sh

Run using a bind mount to share secrets

$ docker run -d --name my-running-shibboleth-idp -v /path/to/shibboleth_idp/certs:/opt/certs my-shibboleth-idp

Note that your host's /path/to/shibboleth_idp/certs folder should contain... TBD.

You may need to publish the ports your Shibboleth IdP is listening on to the host by specifying the -p option, for example -p 8080:80 to publish port 8080 from the container host to port 80 in the container. Make sure the port you're using is free.

Reloading config

TBD

N.B. that if every config file were on the bind mount, a REHUP of the container would work, but with the files scattered about the filesystem / unspecified....

License

Supported Docker versions

User Feedback

Issues

Contributing

Documentation

docker/shib-idp-standalone

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages